SoylentNews is people

posted by chromas on Friday April 13 2018, @01:02PM
from the diy dept.

Tyler of tjll.net writes in his blog:

After my Asus N66U kicked the bucket, I considered a few options: another all-in-one router, upgrade to something like an EdgeRouter, or brew something custom. When I read the Ars Technica article espousing the virtues of building your own router, that pretty much settled it: DIY it is.

I've got somewhat of a psychological complex when it comes to rolling my own over-engineered solutions, but I did set some general goals: the end result should be cheap, low-power, well-supported by Linux, and extensible. Incidentally, ARM boards fit many of these requirements, and some like the Raspberry Pi have stirred up so much community activity that there's great support for the ARM platform, even though it may feel foreign from x86.

I've managed to cobble together a device that is not only dirt cheap for what it does, but is extremely capable in its own right. If you have any interest in building your own home router, I'll demonstrate here that doing so is not only feasible, but relatively easy to do and offers a huge amount of utility - from traffic shaping, to netflow monitoring, to dynamic DNS.

I built it using the espressobin, Arch Linux Arm, and Shorewall.

Submitted via IRC for TheMightyBuzzard



 
  • (Score: 4, Interesting) by DannyB on Friday April 13 2018, @04:32PM (4 children)

    by DannyB (5839) Subscriber Badge on Friday April 13 2018, @04:32PM (#666508) Journal

    Building your own router, and for under $50 must be fun. Yes, really. I could not have hit that price.

    I used to dink around with this. In 1999, my Linux box *was* the router. Two ethernet cards. Reading up on IPCHAINS. (Predating IPTABLES.) At that time, as far as I know, there was no such thing as an inexpensive home router with NAT so you could have other PCs all sharing your cable internet connection. (We were one of the first places in the country to have cable internet service. Must have been in 1996. We moved in 1997. In that new house I got Linux in 1999. We had cable internet in the old house before the move.)

    In later years I would get an off the shelf router and change out the firmware. The first was the famous WRT54GT. When that bit the dust, another plastic router reflashed.

    With the advent of smart phones, newer and faster WiFi, laptops, tablets, TiVos, RoKus, SmartTVs, etc. all hungry for WiFi. Two adults and one high-schooler all with lots of high tech, our gadgets. Our 3rd router wasn't handling it anymore. Lots of dropped connection problems.

    This time, I decided to go strictly off the shelf. Got a nice under $300 router. Not skimping this time. Bristling with antennas. Two separate 5G transceivers. Beam forming. All the buzzwords at the time. It was very configurable with stock firmware. Easy to set up for my static IP and a few port forwards. No reason to mess with it. The experience was easy, even with the static IP and fake MAC address on the cable modem side. Had that router for 2.5 years now and it still works great. Plop a 2T pocket drive on it, and instant file server and media server for the RoKus in the house.

    Despite the fun of 20 years ago, and a couple re-flashed plastic routers since that, I realized in late 2015 that my time and energy is worth something and have not regretted just buying a good off the shelf router to save myself a lot of time and energy.

    I'm also in the process of switching from a home static IP to a virtual private server (VPS) in the cloud.

    --
    The lower I set my standards the more accomplishments I have.
  • (Score: 5, Insightful) by bobthecimmerian on Friday April 13 2018, @06:22PM (1 child)

    by bobthecimmerian (6834) on Friday April 13 2018, @06:22PM (#666570)

    Despite the fun of 20 years ago, and a couple re-flashed plastic routers since that, I realized in late 2015 that my time and energy is worth something and have not regretted just buying a good off the shelf router to save myself a lot of time and energy.

    I work in tech, and would bet that you do too. My experience is similar - I play with technology these days, but not as much as I did in 2000 or even 2010. However, all that time I spent trying different things with networking, Linux installations, hosting my own services, and so forth paid off many times over in my career. I have a lot of colleagues that are bright, friendly, professional, and highly skilled at their primary role but have no idea how to proceed when DNS goes down, or they need to securely move files around a network, or they have to set up a virtual machine, and so forth. We work at a similar pace on our primary jobs but for all sorts of ancillary tasks I'm ten times faster because I was such a tinkerer.

    • (Score: 2) by DannyB on Saturday April 14 2018, @02:38PM

      by DannyB (5839) Subscriber Badge on Saturday April 14 2018, @02:38PM (#666938) Journal

      I totally relate to that. In my career, wherever I have been, I have been the, or one of the 'go to' guys for answers to the questions nobody else can answer. Why? Just because I always study. Read. Keep up with what is going on in the industry. Experiment. And tinker.

      Buying an off the shelf router does not mean that I don't still tinker. But I already paid my dues tinkering together a router and NAT a long time ago. Back when you couldn't buy it (affordably, for consumers) off the shelf.

      One of my former bosses called it 'being a lifelong learner'. Even now in a big organization, I have the attention of bosses up to a senior VP. Back in 2014, my boss's boss's boss was visiting my office location. He came in to my office, handed me a boxed Raspberry Pi 1, and said "do something cool with this and let me know what you do". My jaw just about hit the floor.

      --
      The lower I set my standards the more accomplishments I have.
  • (Score: 0) by Anonymous Coward on Friday April 13 2018, @11:20PM (1 child)

    by Anonymous Coward on Friday April 13 2018, @11:20PM (#666658)

    Many years here too. Learned a lot doing it all. I am currently the guy that backs up all the other guys... from micros to main frames, along with any software. It is hard to get management to understand that "in case of fire", I am the one that all call.

    First firewall was a Smoothwall and wireless networking was very young. Had ISDN in my home. It was nice having a caching firewall; it prevented a lot of fetches, so speed was fast! Main server was Linux with VMware v1 beta and Windows server NT/3.5.1. Dual Pentium Pro with 128MB of RAM.

    Second Firewall was IPCop V1 on a 486sx25 with 12MB (yes, 12) and 273MB hard drive. w/ dual intel 10baseT ISA cards. Lasted from DSL and CABLE modems. Wireless still a twinkle in the eye.

    Third was IPCop V2 on K6-2 400 128MB 1GB drive. All 3 PCI bus cards network cards 10/100 speed. WRT54L mesh (3 of them) ran my house. moving video between Replay DVRs - had ethernet ports and JAVA based emulator of server to handle be 4 virtual replays on my main server to pull shows from two physical boxes.

    Fourth was IPCop V2 on Pentium III 1GB 10GB drive. K6-2 drive died and finding a PATA is tough, my backup stock is out. All 4 PCI bus cards network cards 10/100/1000 . Still is current. Wireless Routers are 6... Netgear R7900 main backbone, Netgear R7000 as bridge, AmplFi running as bridge (called mesh in their configuration), ASUS Lyra (3 in "mesh" - really 1 router and 2 bridges) to extend network to all corners. I am broadcasting 6 SSID networks over all this equipment.

    Backup Raspberry 1B with 3 USB-ethernet adapters, so 4 channels as backup with IPFire. IPFire will not work on RPi 2B or 3B, since there is large binary blob to get Broadcom chips to fire up and is not "free as beer". Been able to push this setup to 60Mbps. Was faster than my internet connection, so no issues... now I am 100Mbps so will slow me down. Hence backup.

    In the end though... All are now running off the shelf hardware and/or firmware (OS). I used to "roll" my own, but all now are fully configurable with stock firmware, though you may have to play a game or two to get all functions from wireless routers. R7900 is connected to the internet via its internet port (via locked nic on firewall), but DHCP is turned off and the firewall is DHCP with gateway pointing to it. This way the network mapping features work.

    My next firewall I am looking at ARM... but most likely go PFsense or OPNsense with a NUC or other micro fanless 4 nic box.
     

    • (Score: 2) by DannyB on Saturday April 14 2018, @02:41PM

      by DannyB (5839) Subscriber Badge on Saturday April 14 2018, @02:41PM (#666941) Journal

      If you are the guy that everyone calls in case of fire, and your bosses don't recognize that, it is really sad. Must be extremely frustrating.

      If one of the production server's power supply has caught fire, best practice is to schedule a meeting to determine whether DevOps should fix this, or the software team should issue a software patch to correct the problem in order that we can close this ticket as quickly as possible.

      --
      The lower I set my standards the more accomplishments I have.